Branch domain controller port settings

I currently have three sites that need to ensure synchronization and communication between AD sites. In this case, which ports need to be opened for domain control?
1: domain control of the three sites can communicate with each other normally (including replication, etc)
2: at ordinary times, the client of each site can access the domain control of their respective sites, but when the site's domain control fails, you must be able to access the domain control of the other two sites.
3: all three sites have file servers. I have used the dfs synchronous replication function of win2008. What port do I need to open on these three file servers?
4: The exchange 2007 email server is on the sh site. Currently, domain control for access to Shanghai is normal. Bj and sz do not deploy email servers. They will use Shanghai's email system in the future. At this time, what port should I open in the domain control of the sub-site?
Sh Site Server network segment 192.30.1.0 mask 255.255.255.0 client network segment 172.18.0.0 mask 255.255.0.0
Bj Site Server network segment 192.30.2.0 mask 255.255.255.0 client network segment 172.19.0.0 mask 255.255.0.0
Sz Site Server network segment 192.30.3.0 mask 255.255.255.0 client network segment 172.255.0.0 mask 255.255.0.0
A: According to your description, you want to know which ports should be opened for domain control in three sites. As far as I know, we should check the following document to open the corresponding Port:
Overview of Windows Server services and network port requirements
Http://support.microsoft.com/kb/832017/zh-cn
Zhu Yifeng, Microsoft Global Technical Support Center
For more information about how to set Domain Controller ports, see
Branch domain controller port settings
Domain Controller Port
Communication port between the primary domain controller and the secondary Domain Controller
The active directory can be CIDR blocks.
--- Gnaw0725
This article is from the "Active Directory SEO" blog